5 Best VPNs for the UK and some to avoid

Human rights and civil liberties are generally upheld in the United Kingdom, but that might be about to change due to a series of new laws trying to clamp down on online content.

In November 2016 the British public woke up to the Investigatory Powers Act, which legalized surveillance of all residents with little oversight. This means your online activity is now subject to intense scrutiny by shadowy government agencies who are able to track anything and everything you do on the web.

For these reasons, it’s best to use a VPN while accessing the internet in the UK. Short for Virtual Private Network, a VPN encrypts all the traffic flowing to and from your device by tunneling it via an intermediary server. This adds a layer of privacy and security – making it extremely difficult for eavesdroppers to tune in.

If you don’t want to read the rest of this article, here’s our list of the top 5 VPNs for the UK:

A VPN is also an excellent option for accessing local content while abroad. British expats and holidaymakers can use a VPN to watch channels like Sky, BBC, and BT Sport even if they’re physically present in Asia or Latin America. All they have to do is log in to their VPN service, select a server based in the UK, and click ‘connect’.

Once the connection is established, the host website will assume you’re in Britain – thereby opening up content previously unavailable.

What is the best VPN for the UK?

Our list of the best VPNs for the UK is based on the following factors:

Speed and reliability of service

Strong encryption parameters

No usage logs

Unblocks geo-restricted content with ease

Servers in Great Britain so you can connect to local content when abroad, such as BBC iPlayer

ExpressVPN is one of the top VPN services out there due to a customer-first approach, blazing-fast speeds, minimal downtime, and large network of servers.

The company operates over 1,500 servers spread across 94 countries with quick and efficient connections to all and sundry. There are seven locations in the UK – ideal for residents of the country traveling abroad and wishing to access local content like BT Sports, Sky, and BBC iPlayer.

ExpressVPN does not store any traffic logs. It does, however, extract some minimal information such as the date (not time) of connection, choice of server location, and total bandwidth used. Your individual IP address is not logged under any circumstances so the service won’t be able to identify you.

Furthermore, the company is headquartered in the British Virgin Islands – out of the jurisdiction of British authorities. Hence your data is not at risk.

However, if you’re still uncomfortable about the metadata retention, then a reassuring factor is that the service will never log your individual IP address. Additionally, you can sign up via a burner email account and pay through Bitcoin – this way your privacy and anonymity is assured.

ExpressVPN utilizes 256-bit AES-CBC as its encryption standards as well as both HMAC authentication and perfect forward secrecy. There’s an internet kill switch included, referred to as a network lock, which means all web traffic will be temporarily halted if the connection drops unexpectedly.

IPVanish is headquartered in the US and hence not subject to British data retention laws. Furthermore, it has a stated policy of not storing any internet traffic logs or metadata. The only time it retains information is when an account is registered for the first time. After that, your browsing history is kept hidden.

IPVanish incorporates robust encryption standards, which means prying eyes such as the NSA and hackers are kept at a distance. It uses 256-bit encryption on the OpenVPN protocol by default, SHA512 authentication, and a DHE-RSA 2,048-bit key exchange with perfect forward secrecy.

There’s an internet kill switch embedded within the system architecture, which means traffic will be temporarily halted if the connection drops out of the blue. Servers are optimized for speed, stability, and security – with over 850 of them spread across 60 countries, including 62 in the UK.

IPVanish doesn’t unlock geo-restricted content on Netflix or Hulu but does make our list of the best VPNs for BBC iPlayer. There are apps for both iOS and Android as well as desktop support for Windows and MacOS.

NordVPN is another service that applies a true zero-logs policy – hence there’s no data retention pertaining to user sessions, traffic, or timestamps.

This decision has resulted in failed attempts by foreign agencies to extract user data from its servers. NordVPN has received requests for information in the past but it simply shrugged its shoulders, saying there was no possible way to comply. Authorities also confiscated servers in one instance but weren’t able to glean any valuable insights.

The company operates 976 servers in 56 countries making it a robust choice for whatever it is you want to do online – gaming, streaming video, or downloading. 99 of these servers are present in the UK so latching onto a suitable connection won’t be a problem.

It’s able to overcome the Netflix VPN ban with ease, as well as unlocking content from Hulu and BBC iPlayer.

NordVPN uses the 256-bit AES protocol encryption standard by default coupled with 2,048-bit SSL keys. DNS leak protection is enabled. A single subscription grants access to six devices – with support for Windows, MacOS, iOS, and Android.

Cyberghost Pro is headquartered in Romania, which means it’s not subject to mandatory data retention laws. The firm adds that it doesn’t log user behavior or browsing habits at all. However, it was recently purchased by a UK-based firm so that could change things. We’ll update the article if we hear more on this front.

There are over 850 servers spread across the world with 93 of them in the UK alone. So British expatriates and tourists traveling abroad won’t find a problem accessing local content. Apps are available for both Android and iOS as well as desktop support for Windows and MacOS.

The service isn’t able to circumvent the Netflix ban on VPNs but does work on BBC iPlayer.

Encryption standards are stringent. Cyberghost Pro uses 256-bit AES encryption on the OpenVPN protocol by default along with 2,048-bit RSA keys and MD5 HMAC authentication. This means it’s in the top-tier of VPNs when based on sturdy encryption.

There’s also an internet kill switch included, which means web traffic will be halted if the connection drops unexpectedly.

VyprVPN states that it does store some user data, specifically “the user’s source IP address, the VyprVPN IP address used by the user, connection start and stop time, and total number of bytes used.”

But it insists that all this information is only kept on servers for 30 days and is only used to improve the quality of service. VyprVPN adds that there’s no way of determining exact details of web traffic or content of communications.

VyprVPN is a popular choice for British residents visiting China because it’s able to sidestep the Great Firewall. What this means is that thousands of government-appointed engineers working around the clock haven’t been able to block its operations. That’s definitely an achievement, which should propel it into the gold standard of VPNs.

The company owns and manages entire data centers, which optimize speed and stability of connections. All traffic is secured by the OpenVPN protocol, 256-bit AES encryption, 2,048-bit RSA keys without perfect forward secrecy, and SHA256 authentication.

VyprVPN includes an internet kill switch by default which means internet traffic will be halted temporarily if the connection drops.

A premium version of the package allows access to the Chameleon ™ protocol, which scrambles OpenVPN metadata so deep packet inspection cannot recognize it.

There are over 700 servers, including a few in London – although the company doesn’t say how many there are in total. Apps are available for both Android and iOS as well as desktop support for Windows and MacOS.

Free VPN options

There’s always the option of settling for a free VPN if you’re just looking for a quick fix.

But free VPN services definitely don’t grant the same experience as paid ones. There’s usually just one or two servers you can connect to. Encryption parameters are weak, so don’t assume your connection will be optimized for privacy and security. And there will most likely be a data cap which means your connection can terminate if you stream video for too long.

Our recommendation is to avoid such providers. There’s no such thing as a free lunch – free VPNs monetize by aggressively inserting tracking cookies, monitoring your browsing patterns, and selling the data to third-party advertisers. You run a real risk of a malware infection – which can lead to data loss and a painful procedure of recovering your device.

VPNs to avoid

It’s clear that one of the primary factors of opting for a VPN is to secure privacy and guarantee anonymity. So when some companies willingly opt to sacrifice ethics by forking over user data, it’s better to leave them alone.

Here are two such VPN services we think you should keep at bay:

1. PureVPN

Well-known VPN company PureVPN recently joined forces with the FBI to help arrest Ryan Lin, a PureVPN user accused of online blackmailing and extortion attempts on an unnamed 24-year-old woman.

The US law enforcement agency sprang into action after these disturbing allegations came to light. They were able to trace the root of the activity back to a VPN – Ryan thought it would help cover his tracks. But PureVPN, despite having a ‘no-logs’ policy, was able to identify Ryan and hand over his personal information.

2. HolaVPN

Israel-based Hola, which was a popular VPN extension for Chrome that once boasted over 50 million users, took advantage of its critical mass to unwittingly turn its users into a massive botnet.

If you had HolaVPN installed, then part of your internet bandwidth was scuppered for illegal purposes such as Distributed Denial of Service attacks (DDoS). It could also have been used for accessing copyrighted content or pictures of child abuse.

Avoid it, at all costs.

Is using a VPN legal in the UK?

Broadly speaking, it is perfectly legal to use a VPN within the UK. There’s no specific legislation that prohibits it outright. However, you’re still breaking laws if you use a VPN to engage in illegal activities like selling drugs online or uploading child pornography.

Are internet freedoms in the UK under threat?

Britain has had a history of left-leaning political activism, exemplified by the fact that the Labor Party is a dominant political force in the country, but recent legislation on privacy and surveillance is eerily Orwellian in nature.

In November 2016, the British Parliament enacted the Investigatory Powers Act, also known colloquially as the “Snoopers Charter”. It grants UK intelligence agencies and police far-reaching powers of surveillance – legalising methods of snooping that The Guardian says are “unmatched by any other country in western Europe or even the US”.

That’s a scary thought.

It’s been a long-held view that national security agencies in the US and the UK – NSA and GCHQ – have a history of collusion and intelligence sharing. So it’s likely that most, if not all, surveillance of residents in the UK will be shared with other western governments, too.

At the time, NSA whistleblower Edward Snowden had tweeted: “The UK has just legalised the most extreme surveillance in the history of western democracy. It goes further than many autocracies”.

The new act forces ISPs and telecommunication firms to store everyone’s web browsing history for a year and fork that data over to government agencies via a search engine known as the request filter.

Access to this search engine is at the discretion of the police and security agencies – with no judicial oversight of any sort. That means the government can target particular racial/ethnic groups and the activity will never become part of any public records or be subjected to scrutiny.

Other key elements of this bill are:

The GCHQ can utilize bulk data collection on the personal assets of people not accused of wrongdoing, but whose data was gathered from a large number of devices in a targeted area. Companies must decrypt data on demand. Companies must notify the government before new security features are launched. Intelligence agencies like the GCHQ may hack into the devices of citizens.

Former British home secretary Amber Rudd has praised the Snoopers’ Charter, saying that it’s a “world-leading legislation with unprecedented transparency and substantial privacy protection”.

We’d like to have some of what she’s smoking.

But that’s not the only farcical matter. UK security agencies have been collecting data unlawfully for almost two decades prior to the enactment of this bill. The MI5, MI6, and GCHQ were severely rebuked by a British court for engaging in an “illegal regime” to track communications data such as phone and web use and other confidential information.

Basically, the Snoopers’ Charter simply legitimizes a process that’s been taking place since the late 90s, except that the powers granted to the agencies are far more extensive and wide-ranging than ever before.

It goes without saying that UK residents should be extremely wary of these developments. To secure yourself from snoopy intelligence agencies, we recommend you opt for a VPN to circumvent the Snoopers’ Charter.

Another concern that may manifest itself in the very near future is the proposed regulations on the internet by the current Conservative government. The Snoopers’ Charter simply monitors your activity without placing any restrictions on what you may access or say online. The new bill will try to take this a step further by allowing the government to decide what can and what can’t be published on the web.

“Some people say that it is not for the government to regulate when it comes to technology and the internet,” states the proposed manifesto. “We disagree”.

The legislation is part of an attempt to force tech companies to build backdoors into encrypted communication apps such as WhatsApp and Telegram. Ostensibly, this is to help the government in tracking down terrorist movements and communications – but will have the dual effect of compromising the privacy of law-abiding citizens, too.

Britain’s internet is currently ranked as free in the Freedom on the Net Report 2016 compiled by advocacy body Freedom House. But the long-term ramifications of the Snoopers’ Charter and new legislation are still unclear. It’s a strong possibility that we’ll see wilted internet freedom in the years to come, forcing a degradation of this status.